<?php
/**
 * Created by PhpStorm.
 *
 * Author : Traveler.
 * Time   : 2020/3/22 15:04
 * Company: Inner Mongolia Zhengzhi Network Technology Co., Ltd
 */

namespace app\admin\middleware;


use app\admin\model\Menu as MenuModel;

class Auth
{
    public function handle($request, \Closure $next)
    {
        // 超级管理员角色不受限制，并且只针对POST请求
        if (SUPERADMIN_ROLE_ID != session('admin_info')['role_id'] && $request->isPost()) {
            $current = strtolower('/' . app('http')->getName() . '/' . $request->controller() . '/' . $request->action());
            $permission = array_map('strtolower', MenuModel::whereIn('id', session('admin_info')['role']['nodes'])->column('url'));

            if (!in_array($current, $permission)) {
                return json(['code' => 1, 'msg' => '权限不足', 'data' => []]);
            }
        }

        return $next($request);
    }
}